Introduction to zVM and Linux on mainframe - Linux on...IBM Software Group Introduction to zVM and Linux on systemZ © 2008 IBM Corporation The latest zVM : zVM Version 5 Release 4

© 2008 IBM Corporation

IBM Software Group

Introduction to zVM and Linux on mainframe

JOUNIAUX [email protected]

IBM Software Group

Introduction to zVM and Linux on systemZ © 2008 IBM Corporation

IBM Software Group


IBM Software Group


Agenda

•Definition•History•The advantages of virtualization•Linux•Sofware portfolio•Networking•Security•Monitoring•References and links

IBM Software Group


System z Solutions strategy

IBM’s Solutions approach is designed to leverage the best that System z has to offer in the New Enterprise Data Center

Passing through to your solutions the high quality of service inherit with the mainframe:

– Responsive– Available – Secure

At a price point aligned with distributed computing.

– Reduced specialty engine prices*– Lower memory prices with purchase of specialty engine.**

* Does not include Internal Coupling Facilities (ICFs)** Limited to 16GB per specialty engine

IBM Software Group


Definition of the Virtualization

“In computing, platform virtualization is a term that refers to the abstraction of computer resources. Virtualization hides the physical characteristics of computing resources from their users, be they applications, or end users. The term has been widely used since the 1960s.

Platform virtualization is performed on a given hardware platform by host software (a control program), which creates a simulated computer environment, a virtual machine, for its guest software. The guest software, which is often itself a complete operating system, runs just as if it were installed on a stand-alone hardware platform. Typically, many such virtual machines are simulated on a single physical machine, their number limited only by the host’s hardware resources. Typically there is no requirement for a guest OS to be the same as the host one.”

From Wikipedia

IBM Software Group


Definition of the Virtualization

Virtualization was born out of efforts by IBM to study the characteristics of time-sharing systems so that hardware could be developed that effectively supported this type of operating system. A side goal of this effort was to build an efficient and effective time-sharing system.

What makes virtualization unique is the concept of virtual machines. A virtual machine has all of the characteristics of a physical machine except one: it does not require dedicated hardware for its exclusive use. Thus, virtualization allows sharing of physical resources among many servers, typically called guests.

IBM Software Group


A brief history of zVM

1960s

1972

1980

1981

1988

1995

2001

CP-67 VM/370 VM/SP VM/HPO VM/XA VM/ESA z/VM64-bits

IBM Software Group


A brief history of zVM

The virtual machine conceptis not new for IBM®...More than 40 Years ofvirtualization experience

IBM Software Group


Server Virtualization Approaches

Hardware partitioning subdivides a server into fractions, each of which can run an OS Hypervisors use a thin layer of code to achieve fine-grained, dynamic resource sharing Type 1 hypervisors with high efficiency and availability will become dominant for servers Type 2 hypervisors will be mainly for clients where host OS integration is desirable

Hypervisor software/firmwareruns directly on server

Hypervisor software runs ona host operating system

System z PR/SM and z/VMPOWER HypervisorHP Integrity VMVMware Infrastructure (ESX)

VMware Server (GSX)Xen HypervisorMicrosoft Virtual Server

Sun Domains, HP nPartitions

Logical partitioning

Physical partitioning

System p LPAR, HP vPartitions

Adjustablepartitions

PartitionController

...

SMP Server

OS

Apps

OS

Apps

Hypervisor

SMP Server

...OS

Apps

OS

Apps

Host OS

SMP Server

Hypervisor

...OS

Apps

OS

Apps

Hardware Partitioning Hypervisor: Type 1 Hypervisor: Type 2

IBM Software Group


What’s the advantages of the Virtualization

Flexibility Reduce the space floor Decrease the power consumption Decrease the number of cooling

system Internal networking

Reduction of your IT bill

IBM Software Group


Where to deploy on System z – z/OS or Linux?

IBM Software Group


Where to deploy – System z or “distributed”

IBM Software Group


The latest zVM : zVM Version 5 Release 4

z/VM V5.4 will operate on:

– IBM System z10 Enterprise Class – IBM System z10 Business Class – IBM System z9 Enterprise Class – IBM System z9 Business Class – IBM eServer zSeries 990 – IBM eServer zSeries 890 – IBM eServer zSeries 900 – IBM eServer zSeries 800

IBM Software Group


The latest zVM : zVM Version 5 Release 4

Greater flexibility with support for the new z/VM-mode logical partitions

– Allowing all systemZ processor-types (Cps, IFLs, zAAPs and ICFs)

Capability to install Linux on systemZ from the HMC

Dynamic memory upgrade. Memory can be added nondisruptively to individual guests that suppor it.

Processors, channels, OSA adapters and memory can be dynamically added to both the zVM system itself and to individual guests.

IBM Software Group


Linux & IBM

IBM Software Group


Linux on systemZ ?

Standard Linux distribution recompiled to use the full potential .of your mainframe

.Linux on systemZ is like others Linux

IBM Software Group


Linux on systemZ ?

●Native system● Pure Linux, ASCII environment● zSeries hardware● Linux for S/390 (31-bit)● Linux for zSeries (64-bit)

●Linux works on:● LPAR, z/VM● z/VM can have more than 100 Virtual Servers

●Integrated Facility for Linux (IFL)● Dedicated at z/VM and Linux

IBM Software Group


Linux caractéristiques

●Linux se développe beaucoup en scalabilité horizontal●Linux est fiable pour beaucoup d’applications●Compétences Linux sont disponibles

● Linux est populaire dans l’éducation● Les programmes de certification Linux sont disponibles

●Portage vers Linux est simple● Plusieurs grands projets ont migrés de UNIX rapidement et complétement.● Les outils sont disponibles

●Les ISVs adoptent Linux●Linux est bien architecturé pour la sécurité, le développement Open Source améliore ceci

● Le « process » de développement (Exposé vs. Caché)● The US National Security Agency (www.nsa.gov/selinux)● Linux security seb site (www.linuxsecurity.com)● Common criteria certification

●Gouvernements et clients adoptent Linux

IBM Software Group


Why to put a Linux into a mainframe

Unify the infrastructure•IT optimization and server consolidation based on virtualization technology and Linux•Linux can help to simplify systems management with today's heterogeneous IT environment

Leverage the mainframe data serving strengths•Deploy in less time, accessing core data on z/OS•Reduced networking complexity and improved security network “inside the box”

A secure and flexible business environment•Linux open standards support for easier application integration•Unparalleled scale up / scale out capabilities•Virtual growth instead of physical expansion on x86 or RISC servers

Leverage strengths across the infrastructure•Superior performance, simplified management, security-rich environment•High-performance security-rich processing with Crypto2 cryptographic co-processors•Backup and restore processes

Take back control of your IT infrastructure

IBM Software Group


Linux distributions who run on the mainframe

And more …

IBM Software Group


Linux Distribution Partners :

IBM Software Group


Linux filesystems sharing

●Bind mount directories● Method to share common filesystems among

multiple Linux guests● Differ from device mounts in that the source is

- the global filesystem namespace itself not a .block device

●Basevol filesystem● Bootable read-only common packages and

services needed by all Linux guests in a :penguin colony including

● /sbin, /bin, /lib, /usr, /var/lib/rpm●Guestvol filesystem

● Read/write filesystem containing the packages and configuration files needed to personalize

a single Linux guest● /etc, /var, /home, /opt, /dev, /tmp, /

IBM Software Group


An example of success story : HoplonA sci-fi massive social game

Click here to start the movie

IBM Software Group


IBM software for Linux on System z

http://www.ibm.com/linux/matrix

Mid

dlew

are

Envi

ronm

ent

Human Interaction & Collaboration

Systems Management

& SecuritySoftware

DevelopmentInformation

ManagementTransactions & Messaging

DB2 TivoliLotus WebSphere Rational

IBM Software Group


Large portfolio of IBM Software IBM Databases, Extenders and Tools

– IBM DB2 Universal Database ESE– IBM DB2 Intelligent Miner™ Modeling/Scoring – IBM DB2 Net Search Extender– IBM DB2 Performance Expert for Multiplatforms– IBM DB2 Performance Expert for Workgroups– IBM DB2 Spatial Extender– IBM DB2 Net.Data®– IBM DB2 Recovery Expert for Multiplatforms– IBM Informix Dynamic Server– IBM Cloudscape

IBM Connectors– IBM DB2 Connect– IBM CICS Transaction Gateway– IBM IMS™ Connector– IBM WebSphere MQ– IBM VSE/ESA™ e-business Connectors

IBM Rational®– IBM Rational ClearCase®– IBM Rational ClearCase LT

IBM Lotus®– IBM Lotus Domino™– IBM Lotus Workplace Web Content– IBM WebSphere– IBM WebSphere Application Server – IBM WebSphere Commerce Suite– IBM WebSphere Portal for Multiplatforms– IBM WebSphere Host on Demand– IBM WebSphere MQ

IBM Tivoli® System Management– Security management

– IBM Tivoli Directory Integrator– IBM Tivoli Directory Server– IBM Tivoli Access Manager for e-business– IBM Tivoli Access Manager for operating

systems– IBM Tivoli Federated Identity Manager– IBM Tivoli Identity Manager client– IBM Tivoli Privacy Manager for e-business– IBM Tivoli Risk Manager– IBM Tivoli Security Compliance Manager

Storage management– IBM Tivoli Storage Manager™– IBM Tivoli Storage Manager for databases

Performance management– IBM Tivoli Enterprise Console (TEC)– IBM Tivoli NetView®– IBM Tivoli Monitoring– ITM Omegamon XE for z/VM and Linux– IBM Tivoli Service Level Advisor– IBM Tivoli System Automation for Multiplatforms

Configuration and operation– IBM Tivoli Configuration Manager– IBM Tivoli License Manager– IBM Tivoli Provisioning Manager– IBM Tivoli Intelligent Orchestrator– IBM Tivoli Remote Control– IBM Tivoli Workload Scheduler

Other– IBM Communication Server– IBM Communication Controller

IBM Software Group


Major ISVs Supporting Linux on System z and zSeries

ERP, Production Planning, LogisticsABAS Software AGSAPIFS

DatabaseOracle 9i & 10gSoftware AG Tamino (XML Database)

Application & e-business IntegrationTibcoIonaWebLogicAeonware (B2B/B2C)

Systems ManagementBMC Patrol BMC Mail Server Knowledge AgentBMC Web Server Knowledge AgentComputer AssociatesLegato Networker for LinuxLinuxCare (Levanta)Veritas Software Corp.

Windows migration (ASP, .NET)Stryon Software

Print serverMacro4

Stock trackingRTS Realtime Systems

Core Banking ApplicationsSanchez, M2M, S2, ...

Mail & Calendaring serverSendmail (Mail)Bynari (Mail & Calendaring)Nexus Neon

Development & Testing ToolsLogics SoftwareRational Software (now IBM)Rogue Wave SoftwareDignusACTS (testing)Acucorp Inc. (Cobol solutions)MicroFocus

FirewallzGuardStoneSoft (Stonegate)

Grid ComputingPlatformData SynapseGlobus Toolkit

ISVs are constantly releasing new applications for Linux on System z

IBM Software Group


Linux on System z ISV status

IBM Software Group


Networking

Granular, simple, secure, and cost effective communication

Real Network

LinuxLinux

LinuxLinux LinuxLinux

LinuxLinux LinuxLinux

LinuxLinux

Linux

Linux

Linux

Linux

Linux

Linux

Linux

Guest LAN #1Guest LAN #2

Guest LAN #3zSeriesVirtualization

Network

Hypervisor

L01 L02 L03 L04 L05

Linux

L06 L07 L08 L09 L10

Linux orVM TCP/IP L11 L12 L13 L14 L15

LAN

VirtualRouters

Virtual routers accessthe physical (real) network

IUCV or virtual CTCA used to connect to virtual routers

Subnet 1

Subnet 2

Subnet 3

OSA

Linux orVM TCP/IP

Guest LAN = virtual hiperSocket or QDIO

Virtual Point-to-Point connection

OSA

Hyperv isor Control ProgramVirtual IP Switch

z/OSLinuxLinuxLinuxLinuxLinuxLinux

IEEE VLAN 1 IEEE VLAN 2

NetworkLAN

Virtual IP Switch layer 3 or 2 and Vlan support

Simple and cost effectiveEliminate complex, costly external network connectionsVirtualize switches and routers

FlexiblePoint-to-point connections

Virtual Channel to ChannelInter-User Communication Vehicle (IUCV)

Guest LanHiperSocketsEthernet

Virtual IP SwitchEliminate Router(s)Exploit IEEE VLAN topology

IBM Software Group


Networking – Simplest example of architecture

Linux - Gateway

Gue

st L

an

Linux – srv 1

Linux – srv 2

Linux – srv 3

OSA

LPAR 1

LPAR 2

zOS – DB2

Hyp

erS

ocke

t

The best LAN is one with

no wires

Internet

IBM Software Group


High security : Linux on System z is Linux ...stays Linux…Linux has security-rich features.

Linux is open, no security through obscurity, anyone can see flaws

and fix them.

Linux has a large active developer base enabling a thorough code review.

Linux has a worldwide user base which allows testing on a wide range of hardware and diverse

scenarios.

Linux benefits from almost immediate response tosecurity advisories and rapid implementation of

new technologies.

IBM Software Group


Access Control Anti-Virus Cryptography Digital

Certificates Directory

Services Firewall Hardening Image Isolation

Intrusion Detection

Pluggable Authentication Modules (PAM)

Security-rich Network Communication

User Management

High security : Key Technologies Available on Linux

IBM Software Group


Vendor ProductOpen Source Product

Snort, Snare, PortSentry, TripWire, LIDS, IPLog, IBM Tivoli Risk Manager, ISS RealSecure, PredatorWatch, SafeZone

Intrusion Detection

IPTables/NetFilter, zGuard, StoneGateFirewall

Freeware PKI, z/OS PKI ServicesDigital Certificates

Open LDAP, IBM Directory, CA's eTrust Directory, NIS/NIS+Directory Services

ClamAV, OpenAntiVirus, AmaViS, MIMEDefrag, CA's eTrust AntiVirus, TrendMicro, REA Internet F-PROT, Roaring Penguin’s CanIt

Anti-Virus/Anti-Spam

SELinux, APParmor, LoMac, Best Bits, IBM Tivoli® Access Manager & WebSeal, CA's eTrust Access Control & Web Access

Access Control Lists

IBM Software Group


Vendor ProductOpen Source Product

Proxy Suite from SuSE, IBM Edge ServerProxy Server

IBM Tivoli Access Manager, CA's eTrust DirectoryDistributed Policy Management

CFS, TCFS, ppdd, McAfee's e-Business ServerSecure Data

Bastille, Tiger, DistributionsSystem Hardening

OpenSSL, GSKIT, PKCS#11Secure Socket Layer (SSL)

OpenSSH, PGP, GNU PGP, USAGI IPv6, FreeS/WAN, CA's eTrust VPN, StoneSoft's StoneGate VPN, SecureAgent Software

Security-rich Network Communications

IBM Software Group


High security : RACF

Provides an access control mechanism– effective user verification, – resource authorization, – logging capabilities.

Supports the concept of user accountability

Controls access to and protects resources on both multiple virtual storage (z/OS) and virtual machine (VM) systems.

Software access control mechanism to first identify who is trying to gain access to the system and verify that the user is really that person

IBM Software Group


Performance monitoring

IBM Software Group


RMFPMS - Architecture

IBM Software Group


RMFPMS - version support

Server:– Linux Version 2.4.x or 2.6.x, IBM zSeries (or Intel x86

architecture)

Client:– Windows NT, 9x, 2000, XP, Linux x86, with Java 1.3

zSeries platform environment:– LPAR mode– Under z/VM

IBM Software Group


RMFPMS - Web Browser Interface

IBM Software Group


RMFPMS - rmf graphical client

IBM Software Group


IBM Tivoli OMEGAMON XE on z/VM and Linux

Product Highlights :

Identify, isolate and correct problems between z/VM and Linux instances quickly and easily

Helps optimize the z/VM Linux environment View and monitor workloads for virtual machines, groups,

response times and LPAR reporting Historical reporting and trending analysis Reports on z/VM and Linux usage of resources such as

CPU utilization, storage, mini-disks, and TCP/IP Detailed reporting on workloads of z/VM and the Linux

instance workloads Provides a single point of control for managing z/VM and

its Linux instances

IBM Software Group


IBM Tivoli Monitoring components

IBM Software Group


IBM Tivoli OMEGAMON XE on z/VM and Linux

IBM Software Group


Provisioning (IBM Director)

Click here to start the video

IBM Software Group


Provisioning (Audelium)

IBM Software Group


Provisioning (Audelium)

IBM Software Group


Woldwide References

IBM Software Group


References - Links

IBM Linux ibm.com/linux

IBM Software ibm.com/linux/software

IBM Global Services ibm.com/linux/support

IBM Linux on System z ibm.com/systems/z/os/linux

IBM developer works ibm.com/developerworks

IBM z/VM vm.ibm.com

Red Hat europe.redhat.com

Novell/SUSE novell.comExternal Linux onSystem z Mailing List

www.marist.edu/htbin/wlvindex?linux-390

IBM Software Group


References -

Actual 141 entries, e.g.:– IBM System z9 109 Technical Introduction, SG24-6669-00,

Redbook, published 26 July 2005– z/VM and Linux on zSeries: from LPAR to Virtual Servers in Two Days,

SG24-6695-00,Redbook, published 20 June 2005

– IBM Communication Controller Migration Guide, SG24-6298-01,Redbook, published 14 June 2005

– Linux on zSeries: Samba-3 Performance Observations, REDP-3988-00,Redpaper, published 1 April 2005

– IBM eServer zSeries Connectivity Handbook, SG24-5444-04,Redbook, published 15 February 2005

– Experiences with Oracle 10g Database on Linux for zSeries, REDP-3859-00,Redpaper, last update 22 December 2004

– ...

http://publib-b.boulder.ibm.com/cgi-bin/searchsite.cgi?query=Linux+and+(System+and+z9+or+zseries+or+S/390)

IBM Software Group


Questions ?

IBM Software Group


More specifics questions ?

[email protected] 655 5931

0478 35 21 28

Documents

Introduction to zVM and Linux on mainframe - Linux on...IBM Software Group Introduction to zVM and Linux on systemZ © 2008 IBM Corporation The latest zVM : zVM Version 5 Release 4